A report in the Oracle and KPMG cloud threat 2020 series
In our 2020 cloud threat survey, Oracle and KPMG wanted to gauge to what degree businesses understand the cloud security shared responsibility model, whether organizations have clarified areas of confusion around cloud security since the 2019 survey and whether ongoing confusion has had a material impact on the security of business information. The findings show that there is work to do within the cloud industry collectively.
The cloud security shared responsibility model varies by service type and provider.
The absence of a single model across the diverse landscape of cloud services requires businesses to take a more proactive approach to understand the shared responsibility model.
Confusion grows as businesses struggle to understand and operationalize the model.
Increased confusion about how a subscriber and a cloud service provider coordinate securing the cloud is further evidence of a problematic cloud security readiness gap that is preventing businesses from operationalizing their obligations.
The ramifications of confusion about the shared model are serious.
The implications of confusion are not trivial, including misconfigured cloud services, resulting in possible data loss, introduction of malware, failed audits and more.
Subscribers seek more transparency from their cloud service providers.
The abstract nature of cloud computing leaves many subscribers wanting to better understand the successes of their cloud service provider's SecOp programs.
Demystifying the cloud shared responsibility security model
Download your copy of the report (9 MB) to explore these themes from the research findings.